qvest-task/ansible/setup-cron.yml

---
- name: Setup cron jobs for automated maintenance
  hosts: gitea
  become: true

  tasks:
    - name: Ensure scripts directory exists
      ansible.builtin.file:
        path: /opt/gitea/scripts
        state: directory
        owner: ubuntu
        group: ubuntu
        mode: "0755"

    - name: Copy maintenance scripts to server
      ansible.builtin.copy:
        src: "../scripts/{{ item }}"
        dest: "/opt/gitea/scripts/{{ item }}"
        owner: ubuntu
        group: ubuntu
        mode: "0755"
      loop:
        - backup.sh
        - restore.sh
        - health-check.sh
        - auto-update.sh
        - manual-update.sh

    - name: Setup weekly automatic update cron job
      ansible.builtin.cron:
        name: "Gitea automatic container updates"
        minute: "15"
        hour: "3"
        weekday: "0"
        user: ubuntu
        job: "cd /opt/gitea && /opt/gitea/scripts/auto-update.sh nginx >> /var/log/gitea-cron.log 2>&1"
        state: present

    - name: Setup weekly certificate renewal cron job
      ansible.builtin.cron:
        name: "Certbot certificate renewal"
        minute: "30"
        hour: "3"
        weekday: "0"
        user: ubuntu
        job: "cd /opt/gitea && docker compose run --rm certbot renew && docker compose restart nginx >> /var/log/gitea-certbot-renewal.log 2>&1"
        state: present

    - name: Setup daily backup cron job
      ansible.builtin.cron:
        name: "Gitea daily backup"
        minute: "0"
        hour: "2"
        user: ubuntu
        job: "cd /opt/gitea && /opt/gitea/scripts/backup.sh >> /var/log/gitea-backup-cron.log 2>&1"
        state: present

    - name: Ensure log files exist and are writable
      ansible.builtin.file:
        path: "{{ item }}"
        state: touch
        owner: ubuntu
        group: ubuntu
        mode: "0644"
        modification_time: preserve
        access_time: preserve
      loop:
        - /var/log/gitea-cron.log
        - /var/log/gitea-backup-cron.log
        - /var/log/gitea-auto-update.log
        - /var/log/gitea-manual-update.log
        - /var/log/gitea-backup.log
        - /var/log/gitea-certbot-renewal.log